Uploaded by m rush


What Is Network Vulnerability
From the security point of view of a hardware system like PC or a network, vulnerability is a
flaw in the system which can be oppressed by a third party like a hacker for pursuing
unauthorized activities within the system and the network.
Sometimes vulnerability is also known as the attack surface as it provisions the attacker the
base with which it can exploit the system.
It can also be referred to as the flaw in the design, implementation, construction, operation,
and maintenance of a network or system which will affect or ravage the overall security
policies and management of the network.
Often people get confused with vulnerability and security risk. But, both are different as the
risk involved is the chances of an attack on any network by various means to exploit the
Classification of Vulnerability
Based on the kind of asset, we will classify the type of vulnerabilities:
 Hardware Vulnerability– It refers to the flaws that arise due to hardware
issues like excessive humidity, dust and unprotected storage of the hardware.
 Software Vulnerability– The flaw in the design technique of the project,
inappropriate testing and lack of timely audit of assets, lead to the software
 Network Vulnerability: Due to the use of open network connections,
unprotected network architecture and weak communication channel this type
of issues arise.
 Physical Vulnerability: If the system is located in an area which is subject to
heavy rain, flood or unstable power supply, etc. then it is prone to physical
 Organization Vulnerability: This vulnerability arises due to the use of
inappropriate security tools, audit rules and flaws in administrative actions.
Causes of Vulnerability
Briefed below are the various causes of Vulnerability.
 The complex and huge structure of the networks will be a possible cause of
flaws in the architecture which will lead to vulnerability.
 Deploying the similar kind of hardware, network design, software tools, the
coding system, etc will increase the chances for the hacker to easily crack the
code of the system and the system will become prone to exploitation.
 Systems which are more dependent on physical network connections and
port connectivity are having more probability of vulnerability.
 The networking systems and PC’s which are using weak passwords for
security purpose will be easily exploited by the attacker.
The operating systems which easily give access to any of the software
program and each of the user who wants to access it get hacked easily by the
attacker and they can make changes in the program for their benefits.
Many of the websites on the Internet, when we are browsing them contain
harmful malware and other viruses which can be installed on our system by
themselves when we visit them. Thus the system will get infected by those
viruses and any information can be leaked from the computer by those
An exploitable software bug in the software program will lead to a software
8 Most Common Network Security Vulnerabilities
Given below are some of the common Network Security Vulnerabilities.
#1) USB thumb drives:
The use of USB drives is the most usual way in which any networking system can get
affected. Even the firewall will not be able to stop the virus attack as these are used
between many PC’s to exchange a large amount of data information and can carry lots of
data within it.
The USB drives which are infected with viruses such as worm are automatically installed on
the OS and are connected to the USB port as most of the OS by default allows these
programs to run.
Remedy: We can stop automatically installing these into the OS by changing the default
settings in the operating systems and can make them more secure towards the USB drive
virus attacks.
#2) Laptop and Notebooks: The devices like laptops and notebooks are very handy and
portable and are equipped with all the latest technology drivers, OS and have Ethernet port
as well through which it can be connected easily with any networking system.
Laptops are very unsafe from an organization point of view, an employee’s laptop contains
confidential data like employee’s salary, address, contact information, personal data,
company’s crucial database and personal banking passwords etc.
Any organization can’t bear to leak all this information as it will impact the business and the
organization can suffer from the business loss.
Remedy: All the confidential and crucial data should be stored in the encrypted form so that
no third party can easily access it. The rights to access the database should be limited or
reserved. In addition to this, only the LAN port should be enabled and all the other ports
should be disabled by the administrator.
#3) Miscellaneous USB devices: Apart from the USB thumb drives, there are some other
devices that are present in the network with the ability to read and store data within them
and can expose your system to vulnerability.
The devices such as digital camera, printer, scanner, MP3 player etc, which are infected
with the virus will come in contact with your system through the USB port and can harm
your networking system.
Remedy: Impose such policies which can control the automatic running of the USB port
programs on your system.
#4) Optical Media: The optical media is the carrier of a crucial data packet which is
exchanged in the WAN networking system for long distance communication. Hence, the
data from these links as well can be leaked or misused by the third party for the benefits
someone else as in the case of USB devices.
Remedy: The management needs to impose such policies and asset control rules which
can monitor and control the misuse of data.
#5) E-mail: E-mail is the most common source of communication within an organization or
between various organizations for business purposes. Any company uses e-mail for
sending and receiving the data. But e-mail is more frequently misused as it can be easy to
forward to anyone.
Also, at times, e-mails carry the viruses which can learn the destination host credentials and
then the hacker can easily access the emails of that employee of the organization from
anywhere. They can further misuse it for other unauthorized access as well.
Remedy: The use of e-mail security policies and frequent change of passwords of the
system on a regular interval of time is the best solution for this.
#6) Smartphones and Other Digital Devices: Smart mobile phones and other tablet
devices have the potential of working as a computer in addition to performing different tasks
like smart calling, video calling, high-storage capacity, high-resolution camera, and huge
application support system.
The risk of leakage of confidential data is also high as the organization employee using a
smartphone can click the picture of the secret business proposal or quotations and can
send them to anyone using a mobile 4G network.
Remedy: Need to implement policies which can control the device access while entering
and leaving the environment of the networking system.
#7) Weak Security Credentials: The use of weak passwords in the networking system will
expose the network to various virus attacks easily.
Remedy: The password used for network security should be strong like a unique
combination of alpha-numeric characters and symbols. Also, the same password should not
be used for a long time, one should keep changing the system password at regular intervals
for obtaining better results.
#8) Poor Configuration and use of Outdated Firewall: The firewall plays a very crucial
role in the network security management process. If an administrator does not properly
configure the firewall at various levels of the networks, then it will become prone to attack.
Apart from this, the software patch of the firewall should be updated all the time for the
proper functioning of the firewall. Use of outdated firewall hardware and software are of no
Remedy: Regular updation of the firewall software and proper implementation.
Vulnerability Assessment
It is the process that will assist you to explore, analyze and evaluate the security concerns
in your computer and the network system. The same is applicable to an organization as
The assessment will survey the loopholes and vulnerabilities in your network design or the
running system that will leave the scope for the hacker to enter from it and access your
system. Hence, it will generate awareness regarding possible network threats.
In an organization, for any particular project, network vulnerability assessment is not just a
review and analysis of the computer or networking tools used, but also of the devices and
sources linked with the network like a printer, Internet connection resources etc. as all these
can be a possible source of attack on a network.
The time and date when the organization has decided to conduct the assessment test
should be informed to everyone and should prepare a list of IP addresses and subnet mask
on which the test is going to be performed.
Also, the results at both the originating and receiving end of the IP addresses host point
should be monitored to filter out the suspected issues.
Vulnerability Assessment Steps
Enlisted below are the various steps involved in Vulnerability Assessment.
 Collection of data: The first step of the assessment is to collect all the
necessary data regarding the resources used in the system like IP addresses
of the system, media used, hardware used, kind of antivirus used by the
system, etc. Once all these details are collected, further analysis can be
 Identification of possible network threat: Now with the input data, we can
locate the possible cause and loopholes of the network threats in the network,
that can harm our system. Here, we also need to prioritize the threat that
should be attended first as the need of the system is to deal with the big
threat first.
 Analyzing the router and WI-FI password: It is necessary to check that the
passwords used to login into the router and the password used to access the
Internet is strong enough so that can’t be easily cracked. Also, here it is
essential to validate that the password should be changed on a regular
interval of time so that the system will become more immune to attacks.
 Reviewing Organization’s Network strength: The next step is to evaluate
the network strength of the system with respect to the usual attacks inclusive
of the distributed denial of service (DDoS), man-in-the-middle attack (MITM)
and network intrusion. This, in turn, will give us a clear picture of how our
system will respond in case of these attacks and if it is capable to rescue
itself or not.
 Security Assessment of Network device: Now analyze the response of the
network devices like a switch, router, modem and PC against network
attacks. This will elaborate on the reaction of the devices with reference to the
 Scanning for identified Vulnerabilities: The final step of the assessment is
to scan the system for the known threats and vulnerabilities that are already
present in the network. This is done by using various scanning tools.
 Report Creation: The documentation of the network vulnerability assessment
process is very crucial. It should contain all the activities performed from start
to the end and the threats found during the testing, along with the process to
diminish them.
 Repetitive Testing: One should keep reviewing and analyzing the system for
new possible threats and attacks and should take all possible measures to
mitigate them.
Note: The vulnerability assessment process acts as the input to the network security policy.
It is performed by the software vulnerability assessment tools. For detailed knowledge on
the vulnerability assessment tools, you should check the below page.
Recommended Reading => Vulnerability Assessment Tools
The administrator who is performing it will also give his judgment regarding the security
policies. Once the assessment gets completed, it will help in improvising the network
security policies.
Vulnerability Scanning
The scanning process discovers and categorizes the weakness in a networking system,
PC’s, hardware equipment and the software of the organization and this information is then
used to correlate the identified issues with the scanned vulnerabilities.
To carry out this association, the scanners will exploit a vulnerability database which
consists of some commonly identified vulnerability. It is accomplished by the organization’s
IT department or the service provider. The Vulnerability scan is also used by the attackers
to seek the entry surface in the networking system or the computer.
There are different steps involved in the vulnerability scanning process and some of
them are listed below:
 The end-points in the system are scanned by sending TCP or UDP packets
between the source and destination points by pinging the IP addresses.
 The scan is carried out to locate the open ports and services running on the
 The scan process runs a program which interacts with the web application to
locate the possible vulnerabilities that lie in the architecture of the network.
 The process looks out for unwanted programs installed in the system, missing
patches, and validation of the configuration done in the system.
However, carrying out the vulnerability scan process has some risk as well, because
sometimes while running a scan on a computer, the system will reboot again and again and
even there are chances for some system to get crashed too.
There are two methods for performing the scanning process, i.e. Authenticated Scan and
Unauthenticated Scan.
In the authenticated scan process, the scanner will scan the network by authentically
logging into the system as a valid user. Hence, it will acquire the trust of the system and will
disclose the vulnerabilities that are accessible by an internal user.
On the other hand, in the unauthenticated scan process, the scanner will scan for the
vulnerabilities in the network as a guest user, without logging into the network. Therefore it
will get only an outsider view on the possible threats and will miss out most of the
Challenges to Vulnerability Scanning
Benefits of Vulnerability Scanning
It provisions a proactive method to shut any type of loopholes in the system
and helps in maintaining a healthy security system for the organization, data
centers and employees themselves.
The network scanning helps in taking proactive actions by the organization to
protect the system from hackers to exploit any vulnerability.
The scan helps to guard the crucial and sensitive data of the regulatory
systems, defense system and other organizations data from being exposed to
Vulnerability Management Process
Enlisted below are the various factors involved in Vulnerability Management.
#1) Vulnerability Scanning:
The process of vulnerability scanning is already explained above in detail. Now the next
step after the scanning process is to evaluate the outcomes of the scanning process.
#2) Evaluation of Vulnerability Outcomes:
The organization needs to validate the results of the scanning process. The outcomes
should be analyzed and checked for true and false positive results. If the result shows false
vulnerability then it should be eliminated.
The evaluation process also checks as of how the found vulnerability will impact the overall
business of the organization. It also ensures whether security measures available are
sufficient enough to handle the found issues or not.
#3) Treating Vulnerabilities:
It includes updating the patches which are missing or out-of-date in the network. If the issue
is unresolved and not fixed even after patch upgrade then the is done.
If the vulnerability has a very low-risk factor then it is accepted and no actions are taken to
remove it. If the risk factor is high, then the software and other upgrades are run to resolve
#4) Report Generation:
The outcomes should be documented for future references. The assessment process
should take place on a regular interval of time to overcome the risks involved due to the
newly introduced vulnerabilities in the network.
The dashboard and reports generated will help in analyzing the clear picture of the
outcomes of the scan and thereby help the IT team to fix them by comparing them on the
basis of the level of risk involved.
These above steps summarize the overall management of network vulnerability. The main
focus is that the process of conducting scanning and managing should take place regularly
on a pre-defined set of time intervals.
In this tutorial, we have learned the causes of network vulnerability along with some
common type of vulnerabilities that we generally encounter in the networking system.
We also came to know more about vulnerability assessment and vulnerability scanning
process. The assessment process will help in gathering data regarding the possible
vulnerabilities in the organization.
We explored the benefits and challenges faced by the scanning process and through this
process, we can find out the vulnerabilities that are present in the hardware and software of
the networking system or organization. The scanning process is conducted at various
Finally, from the vulnerability management process, we have explored more about
assessment, scanning, evaluation, reporting and treating of the vulnerability issues.
PREV Tutorial | NEXT Tutorial
What is a Vulnerability Assessment?
February 14, 2019 | By Comodo
(138 votes, average: 4.97 out of 5)
Vulnerability Assessment as the name suggests is the process of recognizing,
analyzing and ranking vulnerabilities in computers and other related systems to equip
the IT personnel and management team with adequate knowledge about prevailing
threats in the environment. With the appropriate information at hand, the risk factors can
rightly be understood, and the required measures can be defined competently without
any delay. Vulnerability Assessment is not specific to one industry and can be applied
in all industries ranging from IT systems to Energy and other utility systems.
The Importance Of Vulnerability Assessment
Vulnerability assessment provides deep insights on security deficiencies in an
environment and helps to evaluate a system’s vulnerability to a specific threat and the
evolving ones. Simply put, an organization can fully understand the security flaws,
overall risk, and assets that are vulnerable to cybersecurity breaches. To stay protected
and to counter surprise attacks, a thorough vulnerability assessment can fix the
unattended security issues.
Types of Vulnerability Assessments
Basically, a vulnerability assessment applies various methods, tools, and scanners to find
out grey areas, threats, and risks. Everything depends on how well the weakness in the
given systems is discovered to attend to that specific need. Find below different types of
vulnerability assessment scans:
Network-based scans
Going by the name, it helps identify possible network security attacks. The scan helps zero-in the
vulnerable systems on wired or wireless networks.
Host-based scans
Server workstations or other network hosts vulnerabilities are easily identified using these scans. In
the process, ports and services are examined vigorously. It also provides excellent visibility into the
configuration settings and patch history of scanned systems.
Wireless network scans
Wireless network infrastructure is scanned to identify vulnerabilities, it helps in validating a
company’s network.
Application Scans
It is used to test websites to discover all known software vulnerabilities.
Database Scans
Database Scans aid in identifying grey areas in a database to prevent vicious attacks by